developerWorks: This is the developerWorks podcast. I'm Scott Laningham with Todd Watson [blog]. Our guest is Marty Mosley, an architect in IBM®'s Information Agenda Tiger Team who joined IBM as CTO of Initiate, an IBM company now focused on helping its clients achieve complete accurate and real-time views of data spread across multiple sources utilizing what's called master data management. Welcome, Marty.
Moseley: Thank you very much, Scott. It's good to be here.
developerWorks: Marty, I wonder if that term "master data management," if you could give us a quick definition of that up-top just so we know what we're talking about here.
Moseley: Yeah, that's probably a good idea.
When you hear master data management, think about orchestrating business processes and technologies and policies and governance, etc. ... for the sole purpose of improving the quality of your most critical kind of core data.
And when we think of healthcare, obviously the most core data are data about patients ... it's data about providers, it's data about locations of people in hospitals, etc. So kind of who, what, where, when, why, how are what we think of when we think of master data. Does that make sense?
developerWorks: Yes, absolutely. Now we did want to focus on your work in the healthcare arena and particularly within this interview. And I'm wondering you the could put the data management challenges in the healthcare space into some perspective for us.
Moseley: Well yes: Anybody in pretty much any country in the world knows that we're dealing with massive changes in healthcare systems, whether it's in North America, whether it's in the Middle East, whether it's in Asia-Pacific countries. Countries all around the world are going through gyrations figuring out how to provide better quality care to this ... their citizenry ... while protecting the identity of innocent people, providing better quality care without peeking too closely into people's lives. In some countries that's a huge issue.
We see that in North America; in the United States we're talking about medical home and collaborative care, about lowering the cost of care while improving quality of outcomes. We're talking about prevention, how do we keep people healthier so that you don't require as much care. We're talking about evidence-based medicine — people making decisions with real hard evidence instead of doctors kind of making their best guess based on years of experience. And then looking for ... being able to look for trends and illnesses and issues and incidents so that you can prevent diseases from spreading, you can prevent epidemics.
So the healthcare ecosystems around the world are just under massive change right now. And of course, that requires changes in policies at country levels, at federal, at province, state, and local government levels. It also requires new technologies as we try to address these needs.
Watson: First of all, I just find this topic fascinating because I think this is so long overdue and yet, you know, it's also an area that's kind of rife with challenges. And when you mention, for example, evidence-based medicine of which I'm slightly familiar. When you have that kind of evidence-based repositories, you're obviously gathering some very sensitive information, right, about people's medical histories and treatments and what's worked and what hasn't. And I think a lot of people are very concerned about the use or potential misuse of that very sensitive medical information.
So as you continue to frame what we're doing to help drive the smarter healthcare initiative, what measures are we also taking to help alleviate some of those fears as we work both with the consuming public as well as all the parties in the ecosystems — the insurance providers, the medical care providers, and so on — to keep that sanctity of that private information just that?
Moseley: You've touched on I think probably the hottest issue in the healthcare debates and that is how do you build trust into your technology ecosystems so that you are protecting the privacy and the identity of people, especially those who are vulnerable.
And there's no simple answer to that because the ecosystems are so complex. What it requires from A Smarter Planet standpoint is ecosystems that are built first on service-oriented architecture so that you can plug in privacy monitoring and security monitoring at various levels in your software stacks...
...whether it's a registration system and a clinic at some remote site or whether it's a billing system, whether it's a diagnostic system that's sharing data with other labs in real time, whether it's treatments, prescription drugs.
I mean, if you think about the case of the innocent children that are trying to protect their health proactively, you also want to know about their living situations and that sort of thing. And so you have to pretty much bake in the ability to monitor authentication, authorization at various levels in your software stack — at the database level, at the application level, at the message middleware level, at the wWeb level; and provide the ability for people to prove their identity so that they have the right not only to get the data but to actually make certain uses of it.
Again, it's a very, very complex issue that requires kind of even in another realm sophisticated data governance, another topic that's coming up more and more in all sectors but especially in healthcare.
How do you articulate the policies that really dictate the way these software assets need to perform? It's a huge issue because you're working across boundaries and state and local government and departments and agencies and healthcare providers and payers ... so it's just a huge issue.
developerWorks: Marty, it's such a complicated story and I know we can't go into great detail about how we can get there, but could you talk a bit about where we want to be and what a smarter picture looks like in a broad way around all of this and the results that come out of it?
Moseley: Yes. It is, you know, it is a long answer and a complex question. But let me try to break it down into just some simple steps that we need to start taking now.
First of all we need to stop thinking about all of this data residing in one humongous homogenous system because it just will never happen. We see in other sectors actually the number of software assets is growing, it's not shrinking. So that requires the right mental model from an architectural standpoint which is a service-oriented architecture.
So you need to think about all of these services, whether they're devices that's recording blood pressure and pulmonary issues and temperature, heart rate, or whether those are meters measuring blood glucose levels or any number of various things, whether those are registration systems, systems where doctors order lab tests. They're all services that need to reside in a neutral territory taking advantage of an enterprise service bus to communicate.
So what that causes you to think of is now you have policies that dictate what a particular service needs in order to provide an answer, what a particular individual is able to do or not do, and you're able to enforce those policies as contracts on that service bus.
So now it gives us a way to take the efforts of the data governance board or data governance steering committee or council, whatever you want to call that, and you get those policies a place to reside now in the enterprise service bus.
That gives you the ability to intermediate all of the requests for data and ensure that the requester has the rights to use that data and to kind of monitor and mediate that in the service layer. So that gives us kind of the right architectural building blocks for this. And of course, that's where that Initiate rebuilds our MDM solution.
We actually made it into a master data service that resides on the service bus. So if you want to ensure that me, as Marty Mosley, is not mixed up with another person who happens to be a male about the same age with a very similar name, because I happen to be diabetic and they're not, you know, it gives you the ability to enforce identity management and identity resolution which is a core capability.
It gives you the ability to prove that Dr. Jones, who is my primary care physician, has the rights to certain information that I've granted to him or to her and it makes sure that another doctor to whom I have not granted permission or my primary care physician has not granted permission is protected, is unable to get the data that they're requesting.
It gives you a place to effect those policies in that service bus. That allows us then to build trust into this network. And unless you can build trust into the network, you're going to have a very, very difficult time providing an infrastructure where people voluntarily provide data about themselves for their own benefit.
Watson: I'm really curious, I want to come at this from another way and that is to ask you what has joining IBM meant to your efforts in the MDM space? What has that synergy or that opportunity of joining the larger IBM going to mean in terms of progress or forward momentum of recognizing all of these issues you've brought up around data governance, master data management, and so on?
Moseley: When we were a small 300- or 400-person company living on our own, we were competing against the IBMs of the world. And so now, we are joined with the kind of premier provider of infrastructure, of storage, of message management, computing platforms — that gives us a huge leg up because now we have technologies that we have access to that we didn't really have access to before.
It allows us to plug our piece into a more comprehensive array of solutions. So if you think of smarter healthcare, you might instantly go to think not only about privacy but I also think about predictive analytics. And so with IBM assets, we have predictive analytics products. So that makes it easier for us to play in a kind of an end-to-end holistic solution instead of just being a master data service out there.
developerWorks: This has been a great discussion, Marty and Todd. And we certainly look forward to continue this discussion at the Information On Demand Global Conference that's coming up in Las Vegas the end of October. [October 2010 conference | current conference]. We encourage people to attend if they can. If not, follow the live interviews we'll be streaming from the expo during the conference. Todd and I will be there talking to people like Marty ... and hopefully Marty. And have a lot more to cover on this very fascinating and complex area of discussion.
Marty Mosley, architect in IBM's Information Agenda Tiger Team and former CTO of Initiate ... thank you, Marty for being here.
Moseley: Hey, you're more than welcome. Anytime.
developerWorks: And Todd, always, man, for adding the color that you add. Thanks very much.
Watson: Remember, what happens in Vegas will be televised this time. [LAUGHTER]
developerWorks: Thank you both. This is the developerWorks podcast. I'm Scott Laningham. Talk to you next time.